Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Rootkit Found

I have NIS 2010 installed on my PC and I do a couple scans a day with Norton, Malwarebytes, and Hitman Pro 3.5.5. I just did a scan with Hitman Pro and it found a Rootkit in C:\Windows\system32\DRIVERS\

Isn't Norton supposed to detect and block these kind of malware attacks?????

I have NIS 2010 installed on my PC and I do a couple scans a day with Norton, Malwarebytes, and Hitman Pro 3.5.5. I just did a scan with Hitman Pro and it found a Rootkit in C:\Windows\system32\DRIVERS\

Isn't Norton supposed to detect and block these kind of malware attacks?????

Not very happy right now since Rootkits can do many things...

Hello !!

What is File name that was detected ?? Maybe it's just a False Positive

File name is elxstor.sys
Does Hitman Pro tend to get known good files mixed up?

It's not a virus look this webiste Elxstor.sys Analysis Report If you're wanting to individually scan this file for a virus, use VirusTotal and upload elxstor.sys to have it scanned with dozens of different anti-virus scanners at once.

File name is elxstor.sys
Does Hitman Pro tend to get known good files mixed up?

It's not a virus look this webiste Elxstor.sys Analysis Report If you're wanting to individually scan this file for a virus, use VirusTotal and upload elxstor.sys to have it scanned with dozens of different anti-virus scanners at once.

What would happen if I told Hitman Pro to quarantine/delete the infection and this WAS a false positive. I have Symantec Support saying it's an infection. What would happen if I was to delete the said file?

Why did Hitman clissify this as malware when it's a perfectly good file?

Symantec is telling me that Hitman Pro will conflict.

Hitman Pro is an malware scanner and should not conflict with Symantec.

It is not unusual for false/positives to occur. Thus, the need to pay attention to what is happening on your computer.

Quote: Originally Posted by codyw

I went to the DRIVERS folder under the C drive and manually scanned the folder with Norton and it said everything was fine.

Quote: Originally Posted by codyw

What would happen if I told Hitman Pro to quarantine/delete the infection and this WAS a false positive. I have Symantec Support saying it's an infection. What would happen if I was to delete the said file?

Your two posts have conflicting information. One indicates that NAV said the Drivers folder is fine and the second indicates Symantec Supports indicates an infection. Which is it?

Did you scan the specific file at VirusTotal as suggested by Capt.Jack Sparrow?

As to what would happen if you delete the driver, you would no longer have a driver for LightPulse Host Bus Adapters (HBAs).

No, I did not go to VirusTotal. But I still have my Kaspersky 2010 license. What I'm going to do is put it on after wiping Norton. If it finds the infection, then I'll know it was bad. Because Hitman Pro is cloud based leads me to thinking it has to be some kind of infection. I was reading up on Rootkits too since I never really had experience with them. Exactly, how do they act as malware? Do they come through your firewall or how do they get in?

operating system not found and no drivers were found eroras usual I turned off my laptop and after a while a turned on again to use my laptop but it couldn't reach operating system and showed error :
" OPERATING SYSTEM NOT FOUND" !
I tried all instructions to solve the problem and finally run by windows start up CD to
re-install new windows. this...

Avast Found Rootkit - TrustedInstaller.exeI have a 2 day old install has had limited Internet contact to only install updates and AV/Firewall/Malware software. Avast prompted me with a Rootkit Found message pointing to C:\Windows\servicing\TrustedInstaller.exe. I ran Avast and Emsisoft Anti-Malware on the file in that location showing it...

System Security

Rootkit found -- avast! 5Hello!
avast! 5 found a Rootkit: :(
C:\Windows\system32\drivers\ccdcmb.sys
and
C:\Windows\system32\drivers\ccdcmbo.sys
Please help me what do I do??
and.... Is avast 5 really compatible with Windows 7? Some say they get the "Blue-screen Error" :)